Re: bind v6 record

2020-09-14 Thread Nyamkhand Buluukhuu
Hi, Yeah, on both. I didn't configure to filter records, is it necessary? Have a nice day :) BR, NYAMKHAND Buluukhuu Engineer TPD/ETSD UNESCO street - 28, MPM Complex Ulaanbaatar -14220, Mongolia Mobile: (976) 94081017 Web: www.mobicom.mn Before you start

Re: bind v6 record

2020-09-14 Thread Mark Andrews
So have the records been added to both instances of the zone? Have you told one view to filter records? Look in named.conf. filter- { ; ... }; filter--on-v4 ( break-dnssec | ); filter--on-v6 ( break-dnssec | ); filter- support is compiled out

Re: bind v6 record

2020-09-14 Thread Nyamkhand Buluukhuu
Hello, I have internal and external views of mobinet.mn. And as I can see, serial became different when signed. Look below: 15-Sep-2020 11:56:03.624 general: info: zone mobinet.mn/IN/external (unsigned): loaded serial 2020080310 15-Sep-2020 11:56:03.627 general: info: zone mobinet.mn/IN/external

Re: bind v6 record

2020-09-14 Thread Mark Andrews
Look at the serial numbers in the answer below (2020080309) and the one I reported being available publicly ( 2020080363). Wherever you are getting the contents of mobinet.mn from it is out-of-date. You have the necessary tools and information to figure out where the problem is. Just work the

Re: bind v6 record

2020-09-14 Thread Nyamkhand Buluukhuu
Hi, I've updated the zone and it looks like isn't the reason. [root@mdns ~]# dig mobinet.mn @2407:6400:0:400::12 ; <<>> DiG 9.11.19 <<>> mobinet.mn @2407:6400:0:400::12 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61375 ;; flags: qr aa rd;

Re: bind v6 record

2020-09-14 Thread Mark Andrews
You have a out-of-date local copy of the zone. Look for ‘zone “mobinet.mn” {‘ in named.conf in 2407:6400:0:400::12. Mark > On 15 Sep 2020, at 10:31, Nyamkhand Buluukhuu wrote: > > > Ah, I see, > the cache on the resolver is out of date? > I restarted the named but it's still the same. > > I

Re: bind v6 record

2020-09-14 Thread Nyamkhand Buluukhuu
Ah, I see, the cache on the resolver is out of date? I restarted the named but it's still the same. I restarted named on authoritative /mdns.mobinet.mn/ too. Have a nice day :) BR, NYAMKHAND Buluukhuu Engineer TPD/ETSD UNESCO street - 28, MPM Complex Ulaanbaatar -14220, Mongolia Mobile: (9

Re: rbldnsd and DNSSEC compatibility issues - any suggestions?

2020-09-14 Thread Fred Morris
On Mon, 14 Sep 2020, Mark Andrews wrote: [...] All the queries to the recursive server with this configuration not answered by the server will leak. The configuration needs “forward only;” to be added to prevent the leak. We see this all the time. zone “non-existant-tld” { type forward

Re: bind v6 record

2020-09-14 Thread Mark Andrews
You have a out-of-date local copy of the zone. The zone’s contents publicly available have a serial of 2020080363. Your copy of the zone has a serial of 2020042290. mobinet.mn. 3600IN SOA mdns.mobinet.mn. administrator.mobinet.mn. 2020080363 10800 3600 1209600 38400

bind v6 record

2020-09-14 Thread Nyamkhand Buluukhuu
Dears, What might be the reason of resolver couldn't get the record of the domain? /Other records are fine/ No answer but no error too. = ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11256 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIO